Home

Awesome

DEPRECATED

This role has been deprecated in favor of a the grafana-ansible-collection collection.

<p><img src="https://grafana.com/blog/assets/img/blog/timeshift/grafana_release_icon.png" alt="grafana logo" title="grafana" align="right" height="60" /></p>

Ansible Role: grafana

Build Status License Ansible Role GitHub tag

Provision and manage grafana - platform for analytics and monitoring

Requirements

Role Variables

All variables which can be overridden are stored in defaults/main.yml file as well as in table below.

NameDefault ValueDescription
grafana_use_provisioningtrueUse Grafana provisioning capability when possible (grafana_version=latest will assume >= 5.0).
grafana_provisioning_syncedfalseEnsure no previously provisioned dashboards are kept if not referenced anymore.
grafana_versionlatestGrafana package version
grafana_yum_repo_templateetc/yum.repos.d/grafana.repo.j2Yum template to use
grafana_manage_repotrueManage package repo (or don't)
grafana_instance{{ ansible_fqdn | default(ansible_host) | default(inventory_hostname) }}Grafana instance name
grafana_logs_dir/var/log/grafanaPath to logs directory
grafana_data_dir/var/lib/grafanaPath to database directory
grafana_address0.0.0.0Address on which grafana listens
grafana_port3000port on which grafana listens
grafana_cap_net_bind_servicefalseEnables the use of ports below 1024 without root privileges by leveraging the 'capabilities' of the linux kernel. read: http://man7.org/linux/man-pages/man7/capabilities.7.html
grafana_url"http://{{ grafana_address }}:{{ grafana_port }}"Full URL used to access Grafana from a web browser
grafana_api_url"{{ grafana_url }}"URL used for API calls in provisioning if different from public URL. See this issue.
grafana_domain"{{ ansible_fqdn | default(ansible_host) | default('localhost') }}"setting is only used in as a part of the root_url option. Useful when using GitHub or Google OAuth
grafana_server{ protocol: http, enforce_domain: false, socket: "", cert_key: "", cert_file: "", enable_gzip: false, static_root_path: public, router_logging: false }server configuration section
grafana_security{ admin_user: admin, admin_password: "" }security configuration section
grafana_database{ type: sqlite3 }database configuration section
grafana_welcome_email_on_sign_upfalseSend welcome email after signing up
grafana_users{ allow_sign_up: false, auto_assign_org_role: Viewer, default_theme: dark }users configuration section
grafana_auth{}authorization configuration section
grafana_ldap{}ldap configuration section. group_mappings are expanded, see defaults for example
grafana_session{}session management configuration section
grafana_analytics{}Google analytics configuration section
grafana_smtp{}smtp configuration section
grafana_alerting{}alerting configuration section
grafana_log{}log configuration section
grafana_metrics{}metrics configuration section
grafana_tracing{}tracing configuration section
grafana_snapshots{}snapshots configuration section
grafana_image_storage{}image storage configuration section
grafana_dashboards[]List of dashboards which should be imported
grafana_dashboards_dir"dashboards"Path to a local directory containing dashboards files in json format
grafana_datasources[]List of datasources which should be configured
grafana_environment{}Optional Environment param for Grafana installation, useful ie for setting http_proxy
grafana_plugins[]List of Grafana plugins which should be installed
grafana_alert_notifications[]List of alert notification channels to be created, updated, or deleted

Datasource example:

grafana_datasources:
  - name: prometheus
    type: prometheus
    access: proxy
    url: 'http://{{ prometheus_web_listen_address }}'
    basicAuth: false

Dashboard example:

grafana_dashboards:
  - dashboard_id: 111
    revision_id: 1
    datasource: prometheus

Alert notification channel example:

NOTE: setting the variable grafana_alert_notifications will only come into effect when grafana_use_provisioning is true. That means the new provisioning system using config files, which is available starting from Grafana v5.0, needs to be in use.

grafana_alert_notifications:
  notifiers:
    - name: Channel 1
      type: email
      uid: channel1
      is_default: false
      send_reminder: false
      settings:
        addresses: "example@example.com"
        autoResolve: true
  delete_notifiers:
    - name: Channel 2
      uid: channel2

Use a custom Grafana Yum repo template example:

Supported CPU Architectures

Historically packages were taken from different channels according to CPU architecture. Specifically, armv6/armv7 and aarch64/arm64 packages were via unofficial packages distributed by fg2it. Now that Grafana publishes official ARM builds, all packages are taken from the official Debian/Ubuntu or RPM packages.

Example

Playbook

Fill in the admin password field with your choice, the Grafana web page won't ask to change it at the first login.

- hosts: all
  roles:
    - role: cloudalchemy.grafana
      vars:
        grafana_security:
          admin_user: admin
          admin_password: enter_your_secure_password

Demo site

We provide demo site for full monitoring solution based on prometheus and grafana. Repository with code and links to running instances is available on github and site is hosted on DigitalOcean.

Local Testing

The preferred way of locally testing the role is to use Docker and molecule (v2.x). You will have to install Docker on your system. See "Get started" for a Docker package suitable to for your system. We are using tox to simplify process of testing on multiple ansible versions. To install tox execute:

pip3 install tox

To run tests on all ansible versions (WARNING: this can take some time)

tox

To run a custom molecule command on custom environment with only default test scenario:

tox -e py35-ansible28 -- molecule test -s default

For more information about molecule go to their docs.

If you would like to run tests on remote docker host just specify DOCKER_HOST variable before running tox tests.

Travis CI

Combining molecule and travis CI allows us to test how new PRs will behave when used with multiple ansible versions and multiple operating systems. This also allows use to create test scenarios for different role configurations. As a result we have a quite large test matrix which will take more time than local testing, so please be patient.

Contributing

See contributor guideline.

Troubleshooting

See troubleshooting.

License

This project is licensed under MIT License. See LICENSE for more details.